Commit b33893b2 authored by unknown's avatar unknown

Fixed unlikely stack bug when having a BIG expression of type 1+1-1+1-1... in...

Fixed unlikely stack bug when having a BIG expression of type 1+1-1+1-1... in certain combinations. Bug #871


sql-bench/limits/mysql.cfg:
  Updated limits
sql/item_cmpfunc.cc:
  Test for stack checking
sql/item_func.cc:
  Test for stack checking
parent 1ede6749
......@@ -177,7 +177,7 @@ compute=no # Compute
###> execute error:You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near 'compute sum(a) by a' at line 1
###
###As far as some queries didnt return OK, result is NO
connections=99 # Simultaneous connections (installation default)
connections=101 # Simultaneous connections (installation default)
constraint_check=syntax only # Column constraints
###< create table crash_q (a int check (a>0))
###> OK
......@@ -345,7 +345,7 @@ date_format_inresult=iso # Date format in result
###> OK
###
###< select a from crash_me_d
###> 2003-03-26
###> 2003-08-27
###< delete from crash_me_d
###> OK
date_infinity=error # Supports 'infinity dates
......@@ -695,7 +695,7 @@ func_extra_elt=yes # Function ELT
func_extra_encrypt=yes # Function ENCRYPT
###
###<select encrypt('hello')
###>tJNum3fO44bOE
###>tHrzZO8Aq1FG6
func_extra_expand2arg=no # Function EXPAND
###
###<select expand('abcd',6)
......@@ -991,7 +991,7 @@ func_extra_subtime=no # Function SUBTIME
func_extra_sysdate=yes # Function SYSDATE
###
###<select sysdate()
###>2003-03-26 13:44:57
###>2003-08-27 19:55:21
func_extra_tail=no # Function TAIL
###
###<select tail('ABCDEFG',3)
......@@ -1056,7 +1056,7 @@ func_extra_uid=no # Function UID
func_extra_unix_timestamp=yes # Function UNIX_TIMESTAMP
###
###<select unix_timestamp()
###>1048679097
###>1062003321
func_extra_userenv=no # Function USERENV
###
###<select userenv
......@@ -1068,7 +1068,7 @@ func_extra_value=no # Function VALUE
func_extra_version=yes # Function VERSION
###
###<select version()
###>4.0.12-debug
###>4.0.15-debug-log
func_extra_weekday=yes # Function WEEKDAY
###
###<select weekday('1997-11-29') from crash_me_d
......@@ -1136,11 +1136,11 @@ func_odbc_cot=yes # Function COT
func_odbc_curdate=yes # Function CURDATE
###
###<select curdate()
###>2003-03-26
###>2003-08-27
func_odbc_curtime=yes # Function CURTIME
###
###<select curtime()
###>13:44:57
###>19:55:21
func_odbc_database=yes # Function DATABASE
###
###<select database()
......@@ -1269,7 +1269,7 @@ func_odbc_monthname=yes # Function MONTHNAME
func_odbc_now=yes # Function NOW
###
###<select now()
###>2003-03-26 13:44:57
###>2003-08-27 19:55:21
func_odbc_pi=yes # Function PI
###
###<select pi()
......@@ -1416,15 +1416,15 @@ func_sql_concat_as_||=error # Function concatenation with ||
func_sql_current_date=yes # Function CURRENT_DATE
###
###<select current_date
###>2003-03-26
###>2003-08-27
func_sql_current_time=yes # Function CURRENT_TIME
###
###<select current_time
###>13:44:57
###>19:55:21
func_sql_current_timestamp=yes # Function CURRENT_TIMESTAMP
###
###<select current_timestamp
###>2003-03-26 13:44:57
###>2003-08-27 19:55:21
func_sql_current_user=with_parenthesis # CURRENT_USER
###< select CURRENT_USER
###> execute error:Unknown column 'CURRENT_USER' in 'field list'
......@@ -1438,11 +1438,11 @@ func_sql_extract_sql=yes # Function EXTRACT
func_sql_localtime=yes # Function LOCALTIME
###
###<select localtime
###>2003-03-26 13:44:57
###>2003-08-27 19:55:21
func_sql_localtimestamp=yes # Function LOCALTIMESTAMP
###
###<select localtimestamp
###>2003-03-26 13:44:57
###>2003-08-27 19:55:21
func_sql_lower=yes # Function LOWER
###
###<select LOWER('ABC')
......@@ -1846,6 +1846,16 @@ left_outer_join_using=yes # left outer join using
###> OK
###
###As far as all queries returned OK, result is YES
length_of_varchar_field=actual length # CHARACTER_LENGTH(varchar_field)
###< CREATE TABLE crash_me1 (S1 VARCHAR(100))
###> OK
###< INSERT INTO crash_me1 VALUES ('X')
###> OK
###
###< SELECT CHARACTER_LENGTH(S1) FROM crash_me1
### > 1
###< drop table crash_me1
###> OK
like_with_column=yes # column LIKE column
###< create table crash_q (a char(10),b char(10))
###> OK
......@@ -1880,7 +1890,7 @@ logical_value=1 # Value of logical operation (1=1)
###>1
max_big_expressions=10 # big expressions
###We are trying (example with N=5):
###select 0+(1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+...(16398)
###select 0+(1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+...(14308)
### 50:FAIL 10:OK 30:FAIL 14:FAIL 11:FAIL
max_char_size=255 # max char() size
###We are trying (example with N=5):
......@@ -1902,10 +1912,10 @@ max_conditions=85660 # OR and AND in WHERE
###We are trying (example with N=5):
###select a from crash_me where a=1 and b='a' or a=0 and b='0' or a=1 and b='1' or a=2 and b='2' or a=3 and b='3' or a=4 and b='4'
### 27592:OK 41389:OK 48287:FAIL 42769:OK 45528:FAIL 43321:FAIL 42880:FAIL 42791:OK 42835:FAIL 42800:OK 42817:OK 42826:OK 42830:OK 42832:FAIL 42831:FAIL
max_expressions=1659 # simple expressions
max_expressions=1450 # simple expressions
###We are trying (example with N=5):
###select 1+1+1+1+1+1
### 5000:FAIL 1000:OK 3000:FAIL 1400:OK 2200:FAIL 1560:OK 1880:FAIL 1624:OK 1752:FAIL 1650:OK 1701:FAIL 1660:FAIL 1652:OK 1656:OK 1658:OK 1659:OK
### 5000:FAIL 1000:OK 3000:FAIL 1400:OK 2200:FAIL 1560:FAIL 1432:OK 1496:FAIL 1445:OK 1470:FAIL 1450:OK 1460:FAIL 1452:FAIL 1451:FAIL
max_index=32 # max index
### max_unique_index=32 ,so max_index must be same
max_index_length=500 # index length
......@@ -1946,10 +1956,10 @@ max_row_length_with_null=65502 # table row length with nulls (without blobs)
max_select_alias_name=+512 # select alias name length
###We are trying (example with N=5):
###select b as aaaaa from crash_me
max_stack_expression=1659 # stacked expressions
max_stack_expression=1450 # stacked expressions
###We are trying (example with N=5):
###select 1+(1+(1+(1+(1+(1)))))
### 1000:OK 1500:OK 1750:FAIL 1550:OK 1650:OK 1700:FAIL 1660:FAIL 1652:OK 1656:OK 1658:OK 1659:OK
### 1000:OK 1500:FAIL 1100:OK 1300:OK 1400:OK 1450:OK 1475:FAIL 1455:FAIL 1451:FAIL
max_table_alias_name=+512 # table alias name length
###We are trying (example with N=5):
###select aaaaa.b from crash_me aaaaa
......@@ -2119,7 +2129,7 @@ odbc_left_outer_join=yes # left outer join odbc style
###> OK
###
###As far as all queries returned OK, result is YES
operating_system=Linux 2.4.18-my-4GB i686 # crash-me tested on
operating_system=Linux 2.4.20-64GB-SMP i686 # crash-me tested on
order_by=yes # Order by
###< select a from crash_me order by a
###> OK
......@@ -3696,7 +3706,7 @@ reserved_word_ansi-92/99_section=no # Keyword SECTION
###As far as all queries returned OK, result is NO
reserved_word_ansi-92/99_select=yes # Keyword SELECT
###< create table crash_me10 (SELECT int not null)
###> execute error:You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near 'SELECT int not null)' at line 1
###> execute error:You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near 'int not null)' at line 1
###< drop table crash_me10
###> execute error:Unknown table 'crash_me10'
###
......@@ -6043,12 +6053,56 @@ select_without_from=yes # SELECT without FROM
###> OK
###
###As far as all queries returned OK, result is YES
server_version=MySQL 4.0.12 debug/ # server version
server_version=MySQL 4.0.15 debug log/ # server version
simple_joins=yes # ANSI SQL simple joins
###< select crash_me.a from crash_me, crash_me t0
###> OK
###
###As far as all queries returned OK, result is YES
sorted_group_by=yes # Group by always sorted
###< create table crash_me_t1 (a int not null, b int not null)
###> OK
###< insert into crash_me_t1 values (1,1)
###> OK
###< insert into crash_me_t1 values (1,2)
###> OK
###< insert into crash_me_t1 values (3,1)
###> OK
###< insert into crash_me_t1 values (3,2)
###> OK
###< insert into crash_me_t1 values (2,2)
###> OK
###< insert into crash_me_t1 values (2,1)
###> OK
###< create table crash_me_t2 (a int not null, b int not null)
###> OK
###< create index crash_me_t2_ind on crash_me_t2 (a)
###> OK
###< insert into crash_me_t2 values (1,3)
###> OK
###< insert into crash_me_t2 values (3,1)
###> OK
###< insert into crash_me_t2 values (2,2)
###> OK
###< insert into crash_me_t2 values (1,1)
###> OK
###
###< select crash_me_t1.a,crash_me_t2.b from crash_me_t1,crash_me_t2 where crash_me_t1.a=crash_me_t2.a group by crash_me_t1.a,crash_me_t2.b
### > 1,1
### > 1,3
### > 2,2
### > 3,1
###
### Check recordset:
### 1,1 expected: 1,1
### 1,3 expected: 1,3
### 2,2 expected: 2,2
### 3,1 expected: 3,1
### Recordset corresponds with template
###< drop table crash_me_t1
###> OK
###< drop table crash_me_t2
###> OK
storage_of_float=round # Storage of float values
###< create table crash_q (q1 float(4,1))
###> OK
......@@ -6166,7 +6220,7 @@ time_format_inresult=iso # Time format in result
###> OK
###
###< select a from crash_me_t
###> 13:44:57
###> 19:55:21
###< delete from crash_me_t
###> OK
transactions=yes # transactions
......
......@@ -1190,7 +1190,7 @@ Item_cond::fix_fields(THD *thd,TABLE_LIST *tables)
and_tables_cache= ~(table_map) 0;
if (thd && check_stack_overrun(thd,buff))
return 0; // Fatal error flag is set!
return 1; // Fatal error flag is set!
while ((item=li++))
{
table_map tmp_table_map;
......
......@@ -68,7 +68,7 @@ Item_func::fix_fields(THD *thd,TABLE_LIST *tables)
const_item_cache=1;
if (thd && check_stack_overrun(thd,buff))
return 0; // Fatal error if flag is set!
return 1; // Fatal error if flag is set!
if (arg_count)
{ // Print purify happy
for (arg=args, arg_end=args+arg_count; arg != arg_end ; arg++)
......@@ -1170,7 +1170,7 @@ udf_handler::fix_fields(THD *thd,TABLE_LIST *tables,Item_result_field *func,
if (thd)
{
if (check_stack_overrun(thd,buff))
return 0; // Fatal error flag is set!
DBUG_RETURN(1); // Fatal error flag is set!
}
else
thd=current_thd; // In WHERE / const clause
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment